Posted
by
samzenpus
on Sunday October 30, 2011 @02:17PM
from the on-second-thought dept.

wiredmikey writes "Microsoft has dismissed a lawsuit against a company it contended a month ago was at the heart of the now-defunct Kelihos botnet. In September, Microsoft named Dominique Piatti and his company dotFree Group SRO as controllers of the botnet. The move marked the first time Microsoft had named a defendant in one of its botnet-related civil suits. 'Since the Kelihos takedown, we have been in talks with Mr. Piatti and dotFree Group s.r.o. and, after reviewing the evidence voluntarily provided by Mr. Piatti, we believe that neither he nor his business were involved in controlling the subdomains used to host the Kelihos botnet,' blogged Richard Domingues Boscovich, Senior Attorney for Microsoft's Digital Crimes Unit. 'Rather, the controllers of the Kelihos botnet leveraged the subdomain services offered by Mr. Piatti's cz.cc domain.' In regards to Kelihos, Boscovich said Microsoft is continuing its legal fight against the 22 'John Does' listed as co-defendants in the lawsuit."

That's a serious accusation to make, especially when lacking in adequate evidence to support such a claim.

FTA: As part of the settlement, Piatti agreed to delete all the subdomains used to either operate the Kelihos botnet or for other illegitimate purposes or to transfer those subdomains to Microsoft. In addition, Piatti and dotFree Group will work with Microsoft to implement best practices to prevent abuse of free subdomains and use these best practices to establish a secure free Top Level Domain as they expand their business going forward.

What exactly does Piatti get in exchange for the damage to his company's reputation?

There are two things to note here. It looks similar to plea bargains in criminal court cases where the defendant pleads to a lesser offense in exchange for cooperation on other targets of investigation. Second, we don't actually know that Piatti was innocent of these charges. The mere fact that they're acquiescing so readily tells me that they probably were looking at serious charges, even if the original ones were pure slander (and those may well have not been!).

Or maybe that they were acting in good faith and were unwittingly helping the botnet people do their nefarious work, and that now that they have egg on their face, they welcome the chance to have help establishing procedures that would prevent it from happening again?

Never ascribe to malice that which can adequately be explained by incompetence.

What does Piatti get? He gets a bot-free business. Damage to his company's reputation? That's HIS problem, seeing that he carelessly allowed his domains to be used for bot-netting. He caused the damage himself, by way of neglect.

I don't even like Microsoft, and I resent the fact that you have forced me to defend Microsoft. FFS, AC, have you no sense at all? If the White House were to come under cybernetic attack, and the majority of those attacks appeared to originate from my house, you bet your ASS that the Secret Service will be knocking on my door, with a battering ram! They will confiscate every electronic device I own, they will confiscate my ass, and they will publicize my arrest around the world.

In which case, I will be solely responsible for the "damage" to my reputation, for having failed to secure my computers.

In which case, I will be solely responsible for the "damage" to my reputation, for having failed to secure my computers.

No, you'd be solely to blame for the failure to secure your computers, but you wouldn't be responsible for the attack which is the action of an unassociated third party - you'd not be guilty of aiding them or being part of a conspiracy. http://en.wikipedia.org/wiki/Mens_rea [wikipedia.org] Perhaps people would do a better job at security if this was different, but that has large risks as well.

Walking into a bank with a hand in your pocket and a demand for money elicits a poor response.

Escalating a disagreement with another person to the extent of dismemberment elicits a "poor response," and the jury won't care who was "right."

And sending a certain pattern of signalling to the White House's computers will also elicit a poor response, just as setting the pins on a lock (which does not belong to you) in a certain orientation may bring about a

you bet your ASS that the Secret Service will be knocking on my door, with a battering ram!

Doesn't it worry you that you're endowing a private (and frequently predatory) company with government responsibilities and powers?

The US Secret Service has a mandate to protect your nation's leaders, visiting world leaders, national special security events, and the integrity of the nation's currency. Microsoft has a mandate solely to take money from you, yet you're giving them virtual search and seizure powers.

Actually, no. I haven't researched just how they identified the botnet. It's possible that they exceeded any reasonable authority to do so. But, once the botnet was identified, it seems that they went to court, seeking reparations, and to shut the net down. That much seems reasonable. I would do as much. Search and seizure? It would seem that the court did that, after being presented with some reasonable evidence.

As I already said, I don't even like Microsoft. But, I can't go for mindlessly bashing

"If the White House were to come under cybernetic attack, and the majority of those attacks appeared to originate from my house, you bet your ASS that the Secret Service will be knocking on my door, with a battering ram!"

Cybernetic attack?

If it was a cybernetic attack then I think the secret service would have more to worry about than you as I suspect it would look more like Rise of the Machines than it would Hackers.

Yes this is just a typical Slashdot pedant post, I just couldn't help but point out that cy

The usual Slashdot response is to put a bullet into botnet owners heads or nuke them from orbit, no questions asked. Well, in this case there would be an innocent man dead. It just shows it isn't always so easy to find them.

No, Microsoft really doesn't give a sh*t about which OS is used to host a bunch of DNS servers, and they don't give away Window Server licenses to any company because that's their biggest money maker: selling their server products to corporations.

MS could care less about home users pirating a $130 copy of Windows 7. The real money is in selling $1000+ server licenses to companies for many servers, as well as having to buy things like seat licenses and other expensive server products (like SharePoint). Plus

There is nothing that "MS could care less about" when it comes to computing. MS has engaged in one of the biggest social engineering experiments in history. They are actively engaged in conditioning children worldwide, to use Microsoft products.

"what specific harm are they suffering" They are not directly suffering a lot of harm from bot nets. It's the users who get harmed when their computers get botted and used to support criminal activities. The vast majority of these bots spread using social engineering attacks to dupe the users into infecting them selves. Bot attacks also take advantage of poor system administration practices to infect a system. No OS security can totally prevent these types of attacks. MS just seems to be the only IT compan

Actually, Microsoft is part of a consortium of IT companies who are on a rampage trying to find and sue out of existence all the botnet operators. There's an anti-virus vendor or two and possible a couple of major search engines in it as well.

Micorsoft can't "dismiss" a case. They can "drop" a case (drop being a non-technical term). But "dismiss" is a technical term. Only the Judge can dismiss a case. Microsoft can drop the case by requesting a dismissal, but if the defendants object to the dismissal (and they often do, because to accept it often blocks the "winner" collecting fees from the "loser"), then the judge will likely not dismiss the case. It's like the term "broadband" being misused constantly, with most fiber connections not bein